Battles in the Fight Against Ransomware

Ransomware, or the encrypting of a victim’s data until a ransom is paid, is one of the scariest of the many scary things companies face. And health care organizations should be a bit more frightened because, for some reason, this sector is the main target of these hackers.

The security firm offers three possible explanations for the inordinate amount of attacks on health care companies: The high number of non-profit health care organizations suggests that budgets are low and security not as up to date or sophisticated, and these organizations simply have a lot of data to target and much of it is life and death. The criticality of the data makes it more likely that executives will feel compelled to do anything, including paying a ransom, to regain control.

The industry is striking back against ransomware. No More Ransom, an industry group effort, has officially launched. Founding members of the group are Kaspersky Lab, Intel Security, Europol’s European Cybercrime Centre, the Dutch High-Tech Crime unit and Amazon Web Services, according to eWeek. The organization has real tools behind it:

One of No More Ransom's key assets is decryption keys for the Shade ransomware family. Shade is a popular ransomware Trojan that first emerged in 2014. Since then, Intel Security and Kaspersky have been able to block approximately 27,000 attempts to attack users with Shade. It's not clear how many users were infected with Shade, but thanks to the actions of law enforcement, victims now have an easy way to recover their data.

In total, the organization has 160,000 decryption keys that can help Shade victims. The goal is to expand the fight to other forms of ransomware.

Though these are good signs, victory is not nearly at hand. The problem is not going away. For one thing, attacks continue to escalate. Solutionary said that ransomware attacks increased by 198 percent from the beginning of February to the end of May. Better detection and more attacks drove the higher numbers.

It’s also clear that it’s a complicated fight. The SentinelOne offer is impressive. No company would put such a plan on the table if it didn’t have a lot of confidence. But it is not a claim of victory. Jeremiah Grossman, the company’s chief of security strategy, didn’t say that the company would never have to pay out on the guarantee. He told Computerworld that the company’s failure rate is “way less than 1 percent.” That’s a good record, but not a perfect one.

Carl Weinschenk covers telecom for IT Business Edge. He writes about wireless technology, disaster recovery/business continuity, cellular services, the Internet of Things, machine-to-machine communications and other emerging technologies and platforms. He also covers net neutrality and related regulatory issues. Weinschenk has written about the phone companies, cable operators and related companies for decades and is senior editor of Broadband Technology Report. He can be reached at cweinsch@optonline.net and via twitter at @DailyMusicBrk.

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.